Here’s a chilling story from MSNBC:
Two laptop computers with detailed personal information about commercial drivers who transport hazardous materials across the United States are missing and considered stolen. The laptops belong to a contractor working for the Transportation Security Administration and contain the names, addresses, birthdays, commercial driver’s license numbers and, in some cases, Social Security numbers of 3,930 people, according to an Oct. 12 letter from TSA to lawmakers.
It seems like we see a story like this every few weeks. Sensitive personal information, including payroll records, social security numbers and the results of criminal background checks and credit checks are put on a laptop. Then, the laptop is lost or stolen and the people whose information was on it find out that they’re at risk.
You’ve got sensitive information about the people who work for you. You’ve got their personnel records. You’ve got the results of background and credit checks for employees and people you’ve considered hiring. You also have records on your customers and prospects. You’re responsible for keeping those records secure.
Use the available technological tools. Use passwords to keep records out of reach of the casual browser. Use encryption to make them even more secure.
Treat your entire computer like a sensitive record. Keep it safe. Chain it down. If it’s hooked up to another computer or to a network or the internet, make sure you’ve got cybersecurity systems in place and working.
If you must put sensitive records on a laptop make sure you keep the laptop safe. Have specific security procedures for laptops. Make sure your people use the procedures.
If you’re not doing so already, make sure you’re doing background and credit checks on people with access to sensitive information. That includes anyone with access to computers that hold sensitive information.